Cell Phone only Network with unifi

Hello Everyone,

I need some advice with setting up a mobile-phone-only network/Wi-Fi. I don't want any devices to connect to the Wi-Fi except cell phones/iPads. I am using UniFi Network and I tried to find an option to filter by device type instead of using MAC addresses to block devices.

Thanks in advance :pray:

AFAIK you can only filter by MAC for Wi-Fi access. There is no such thing as a device type filter.

The other thing you can do is assign static IPs to your phones in your router, define the Wi-Fi there as a separate network, and create IP filter rules that only allow the static IPs of your phones to access the Internet and/or other networks. In pfSense you could use an Alias in a filter rule, where the Alias contains the IPs of all phones.

This probably wouldn't work, or only with some caveats. If the phone (at least iPhones, but I guess this should be similar on Android) has the private Wi-Fi address setting enabled, then the MAC address can change. Usually it stays the same, but if you connect regularly to several Wi-Fi networks, the address is expected to change from time to time.

Perhaps hiding the SSID could help.
Or RADIUS authentication with certificates, but I don't know if you can do that with UniFi RADIUS or if you have to set up RADIUS on another server.
What's the use case? Why only mobile phones? What other devices should not connect?

OK, of course you need to disable the random MAC address on the phone to get a static IP, and also to be able to use a MAC access filter.
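
The private-address caveat discussed in the replies above can be checked against an existing MAC allow-list before relying on it. The following is an added example, not code from any poster in this thread; the sample list, device labels and function names are constructed for illustration.

```python
import re

# Constructed sample allow-list (not from the thread); formats vary as in real exports.
ALLOW_LIST = """\
3C:22:FB:10:20:30  alice-iphone
da-a1-19-4b-7c-01  bob-pixel
a2b4.c6d8.e0f2     carol-ipad
00:1A:2B:3C:4D:5E  dave-phone
not-a-mac          typo-entry
"""

def normalize_mac(text):
    """Return 12 lowercase hex digits, or None if text is not a 48-bit MAC."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def classify(mac):
    """Classify by the two low bits of the first octet (IEEE 802 addressing)."""
    first = int(mac[:2], 16)
    if first & 0x01:
        return "multicast"             # group address, not a valid client MAC
    if first & 0x02:
        # Locally administered bit: set by phone private/random Wi-Fi addresses,
        # so this entry stops matching once the phone rotates its address.
        return "locally-administered"
    return "hardware"                  # vendor-assigned, stable address

def audit(allow_list):
    """Map each device label to its classification ('invalid' if unparseable)."""
    report = {}
    for line in allow_list.splitlines():
        if not line.strip():
            continue
        raw, _, label = line.partition(" ")
        mac = normalize_mac(raw)
        report[label.strip() or raw] = classify(mac) if mac else "invalid"
    return report

if __name__ == "__main__":
    for label, kind in audit(ALLOW_LIST).items():
        print(f"{label:15} {kind}")
```

Entries reported as `locally-administered` were most likely enrolled while the phone's private address setting was on, so they are the ones to re-enroll after that setting is disabled for the office SSID.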

The reason for the mobile-only network is that I don't want users to connect their laptops to Wi-Fi when in the office, for security purposes. But I guess I can filter them by MAC address or hostnames. I couldn't find any option in UniFi Network.
BTW, if you google this, it tells you there is an option in UniFi Network to create a cell-phone-only Wi-Fi by selecting device type…

You can filter MAC addresses. You can add MAC addresses and a deny or approve statement.
The option is located in the Wi-Fi network definition page when selecting manual options.
If, in a professional context, you perhaps have a RADIUS server connected to your directory server, that could help.

To add to @caplam mentioning RADIUS, have you considered setting up Passpoint/Hotspot 2.0? I know Passpoint supports device restrictions, but I have no experience with it in the UniFi ecosystem. I did find this UI article that may help get you on the trail: https://help.ui.com/hc/en-us/articles/25473982758551-Setting-Up-Passpoint-on-UniFi-Network

Outside of that, are the laptops in question company owned/managed or personal (BYOD)?

If company provided, and assuming they run Windows and are AD domain joined, you can create group policy restrictions.

Similar to above, if the devices are Entra (Azure AD [AAD]) joined/managed, you can create similar policies via Intune, assuming you have Intune available.